A Russian-speaking gang of computer criminals has stolen millions of dollars since late 2013 from banks in Russia, Eastern Europe and the U.S., according to new report from security concern Kaspersky Lab ZAO.

Hackers are finding a new avenue to government and corporate networks through insecure building networks. A report warns that the federal government has not fully assessed the cyber risk from poorly protected control systems that control a building’s heating, air conditioning, elevators or lighting. “These systems are an on-ramp into the corporate network because they’re so vulnerable,” one expert tells CIO Journal.

Good Morning. Amid growing concerns about network vulnerability, chief information officers are finding that more of their jobs involve scrutinizing the security of third-party vendors. As the Journal’s Jennifer Smith and Emily Glazer report, big banks are turning the spotlight on their most trusted third-parties–the lawyers with access to everything from trade secrets to market-moving details on mergers and acquisitions.

While companies are investing millions of dollars in insurance policies to protect themselves from cyber security breaches, the market is fraught with pitfalls, said Zouhair Guelzim, chief information security officer of L’Oreal Americas.

Search for CIO Report Articles

About The CIO Report

CIO Journal provides time-pressed CIOs with a definitive destination for the most relevant news and analysis, to help them connect the dots between technology trends and business strategy. Its team of reporters and editors—aided by the resources of Dow Jones and thousands of other premium news sites—focuses on the use of technology as a tool for business growth. Contact our editors with news items, comments and questions at: ciojeditors@wsj.com.